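<?php session_start();
include("userfunctions.php");
include("../dbconnect.php");

/*
 * Form handler for "new contact": creates a Person row (plus a City row when
 * the city is not known yet), links it to the logged-in user through Contacts,
 * then stores the submitted e-mail addresses and the optional Twitter name.
 *
 * Security-relevant behaviour:
 *  - Every value taken from $_POST is bound through a prepared statement, so
 *    no request data is ever concatenated into SQL text.
 *  - The request is rejected unless the session carries a PeId; otherwise the
 *    Contacts row would be written with an owner id of 0.
 *  - All validation happens before the first INSERT, so a rejected form does
 *    not leave a half-created contact behind.
 *
 * NOTE(review): no anti-CSRF token is checked here and none is visible in this
 * file; confirm the form and the included files cover that.
 * NOTE(review): the "username is free" check followed by the INSERT is not
 * atomic; a UNIQUE index on Person.Username is presumably what closes that
 * gap - verify against the schema.
 */

$i = 1;

// Only an authenticated user may add contacts to an address book.
if (!isset($_SESSION['PeId'])) {
	header('HTTP/1.1 403 Forbidden');
	exit;
}

// Shows $message in an alert box, then sends the browser to $target.
// The original echoed the alert and then called header("Location: ..."); once
// output has started the header can no longer be sent, and with output
// buffering the alert is never displayed. Doing both steps in the script makes
// the message and the redirect work together.
$finish = function ($message, $target) {
	// json_encode with the HEX flags yields a JavaScript string literal that
	// cannot close the surrounding <script> element.
	$flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
	echo '<script type="text/javascript"> alert(' . json_encode($message, $flags) . '); '
		. 'window.location.href = ' . json_encode($target, $flags) . ';</script>';
	exit;
};

// Returns the POST field as a string, or null when it is missing or was
// submitted as an array (name[]=...), which the string handling below
// cannot accept.
$postString = function ($key) {
	return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// Runs a one-column, one-parameter lookup and returns the id as int, or null
// when no row matches, the column is NULL, or the statement fails.
$lookupId = function ($sql, $value) use ($db) {
	$stmt = $db->prepare($sql);
	if ($stmt === false) {
		return null;
	}
	$id = null;
	$stmt->bind_param('s', $value);
	$found = $stmt->execute() && $stmt->bind_result($id) && $stmt->fetch() === true;
	$stmt->close();
	return ($found && $id !== null) ? (int) $id : null;
};

if (isset($_POST['prename']) && isset($_POST['name']) && isset($_POST['username'])) {
	$username = $postString('username');
	$name = $postString('name');
	$prename = $postString('prename');
	if ($username === null || $name === null || $prename === null) {
		$finish("A field is empty or wrong filled out", "../../newcontacts.php");
	}

	// --- Validation: nothing is written until all of this has passed. ---

	if ($lookupId("Select PeId from Person where Username = ?", $username) !== null) {
		$finish("This username is already in use", "../../newcontacts.php");
	}

	// 'email' must equal 'email1'. Compared strictly as strings so that
	// numeric-looking values are not treated as equal by type juggling.
	if ($postString('email') !== $postString('email1')) {
		$finish("The email adresses doesn't match", "../../newcontacts.php");
	}

	// A missing or non-scalar country is stored as 0, as before.
	$countryId = (isset($_POST['country']) && is_scalar($_POST['country'])) ? (int) $_POST['country'] : 0;
	$primary = $postString('primary');
	$ownerId = (int) $_SESSION['PeId'];

	// --- Person (and City when one was submitted). ---

	$city = $postString('city');
	if ($city !== null) {
		$cityId = $lookupId("Select CityId from City where CityName = ?", $city);
		if ($cityId === null) {
			$stmt = $db->prepare("Insert into City set CityName = ?");
			if ($stmt !== false) {
				$stmt->bind_param('s', $city);
				$stmt->execute();
				$stmt->close();
			}
			$cityId = $lookupId("Select CityId from City where CityName = ?", $city);
		}
		if ($cityId === null) {
			// The city could be neither found nor created; do not store a
			// person that points at a non-existent city.
			$finish("A field is empty or wrong filled out", "../../newcontacts.php");
		}
		$stmt = $db->prepare("Insert into Person (Username, Name, Firstname, CountryId, CityId, Activated, OwnAccount) values (?, ?, ?, ?, ?, 0, 0)");
		if ($stmt !== false) {
			$stmt->bind_param('sssii', $username, $name, $prename, $countryId, $cityId);
			$stmt->execute();
			$stmt->close();
		}
	} else {
		$stmt = $db->prepare("Insert into Person (Username, Name, Firstname, CountryId, Activated, OwnAccount) values (?, ?, ?, ?, 0, 0)");
		if ($stmt !== false) {
			$stmt->bind_param('sssi', $username, $name, $prename, $countryId);
			$stmt->execute();
			$stmt->close();
		}
	}

	// Reading the row back both confirms the insert and yields the new PeId.
	$personId = $lookupId("Select PeId from Person where Username = ?", $username);
	if ($personId === null) {
		$finish("A field is empty or wrong filled out", "../../newcontacts.php");
	}

	// --- Link the new person to the logged-in user, already approved. ---

	$stmt = $db->prepare("Insert into Contacts (OwnerPeId, ContactPeId, Approved) values (?, ?, 1)");
	if ($stmt !== false) {
		$stmt->bind_param('ii', $ownerId, $personId);
		$stmt->execute();
		$stmt->close();
	}

	// --- E-mail addresses: email1, email2, ... until the first gap. ---

	$emailStmt = $db->prepare("Insert into Email (PeId, EmailAdress, Prim) values (?, ?, ?)");
	while (isset($_POST['email' . $i])) {
		$address = $_POST['email' . $i];
		// check_email_address() is not defined in this file; presumably it
		// comes from userfunctions.php. Invalid addresses are skipped.
		if ($emailStmt !== false && is_string($address) && check_email_address($address)) {
			// 'primary' carries the index of the address flagged as primary.
			$prim = ($primary === (string) $i) ? 1 : 0;
			$emailStmt->bind_param('isi', $personId, $address, $prim);
			$emailStmt->execute();
		}
		$i++;
	}
	if ($emailStmt !== false) {
		$emailStmt->close();
	}

	// --- Optional Twitter name. ---

	$twitter = $postString('twitter');
	if ($twitter !== null) {
		$stmt = $db->prepare("Insert into Twitter (PeId, TwitterName) values (?, ?)");
		if ($stmt !== false) {
			$stmt->bind_param('is', $personId, $twitter);
			$stmt->execute();
			$stmt->close();
		}
	}

	$finish("The process is complete, now you can send messages to your new contact", "../../sendamessage.php");
}

?>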